In light of on-going exchange security issues (this goes back to the beginning for MTGOX if you read the archives) I'm going to start a bounty for development of a secure, private exchange for bitcoin. If someone else wants to have a go then lulzSec will be requested to white-hat attack it as the first test.

Why the fuck should LulzSec care about Bitcoin or anything else for that matter? They're in it for the lulz and would most likely applaud the guy who caused all this drama, they aren't white hats.

They're sitting on (or at least were given) a somewhat sizable amount of donations in BTC. Assuming they haven't cashed it out for more easily traced dollars, they have some interest in keeping Bitcoin somewhat useful.

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?

If someone else wants to have a go then lulzSec will be requested to white-hat attack it as the first test.

i) what makes you think they would accept your requestii) If they do accept, what makes you think they wouldn't just say "nope, no problems" wait till people start using it then attack it, that would be lulzy

Oh, I'm quite sure you could get them to take money from you. They'd probably even act like you were doing a smart thing. Taking cash that's openly offered to you for doing work when the only thing you're known for is screwing people over is pretty lulzy. Actually doing the work wouldn't be lulzy at all.

What you're actually interested in hiring is known as an app sec consultancy. There are many, almost any of them having the ability to find the simple SQLi's and CSRF that mt. gox fell to. As an added bonus, most of them won't currently be involved in committing federal felonies on a daily or weekly basis. Here's an example of such a firm that's well thought of: http://www.matasano.com/

The problem with hiring people who are actively robbing banks to design your vault is that you really have no excuse to give when they come back and rob you.

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?